<?
include '../connect.php';
session_start();
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" />
<title>Add Item</title>
<style type="text/css">
<!--
body {
	background-color: #000000;
	background-image: url(../../images/alliance-tile.jpg); background-repeat:repeat-x;
}
body,td,th {
	color: #CC9900;
	font-family: Arial, Helvetica, sans-serif;
	font-size: 13px;
}
a:link {
    color:#CC9900; 
	
	
}
a:visited {
    color:#CC9900;
	
}
a:hover {
    color:#ffffff;
}
a:active {
    color:#FF0000;

	
}
input { background:transparent; background-image:url(../../images/transp.png); color:#FFFFFF; border: 1px solid #333333}
select { background-color:#000000; color:#FFFFFF; border: 1px solid #333333}
textarea { background-color:#000000; color:#FFFFFF; border: 1px solid #333333}

-->
</style></head>

<body>

<center>
<?PHP
$user=$_SESSION['user'];
$getuser="SELECT * from b_users a, b_templates b where b.templateid=a.templateclass and a.username='$user'";
$getuser2=mysql_query($getuser) or die("Could not get user info");
$getuser3=mysql_fetch_array($getuser2);
$templateclass="default";

$s=$_SERVER["REMOTE_ADDR"];
$checkip="SELECT * from b_banip where ip='$s'";
$checkip2=mysql_query($checkip) or die("Could not get IPs");
$checkip3=mysql_fetch_array($checkip2);
if($checkip3)
{
   die("<table class='maintable'><tr class='headline'><td><center><strong>Add News Failed</strong></center></td></tr><tr class='forumrow'><td><center>Your IP was banned from posting! Go away!</center></td></tr></table>");
}

if (isset($_SESSION['user'])||$guestposting=="Yes"||$guestposting=="yes")
{
 $user=$_SESSION['user'];
 $getid="SELECT * from b_users where username='$user'";
 $getid2=mysql_query($getid) or die("could not get user");
 $getid3=mysql_fetch_array($getid2);

 $getforuminfo="SELECT * from b_forums where ID='$forumID'";
  $getforuminfo2=mysql_query($getforuminfo) or die("Could not get forum info");
  $getforuminfo3=mysql_fetch_array($getforuminfo2);
  if(!$_SESSION['user'])
   {
         $getid3[status]=-1;
   }

 if($getid3[banned]=="Yes")
 {
  die("<table class='maintable'><tr class='headline'><td><center><strong>New News Failed</strong></center></td></tr><tr class='forumrow'><td><center>You have been banned from posting</center></td></tr></table>");
 } 
 
 if(isset($_POST['reply']))
 {
 	 $sep=$_POST['sep'];
     if ($sep=="1") { 
	   if(!$_POST['name']|| !$_POST['color']|| !$_POST['sort']|| !$_POST['cat'])
      {
        print "<table>";
        print "<tr class='headline'><td><center><strong>Adding News Failed</strong></center></td></tr>";
        print "<tr class='forumrow'><td><center>";
        print "One of the required fields was not filled in, mast be filled color, name, sort and cat.";
        print "</td></tr></table>";
      }
      else
      {
       $itemid="0";
       $name=$_POST['name']; 
	   $cat=$_POST['cat']; 
       $color=$_POST['color'];
       $sort=$_POST['sort'];
	   $cost="0";
	   $charges="0";
       $name=htmlspecialchars($name);
       $posting="INSERT INTO b_shop (sep, name, itemid, color, cat, sort, cost, charges) values ('$sep', '$name', '$itemid', '$color', '$cat', '$sort', '$cost', '$charges')";
       mysql_query($posting) or die("could not post");
       print "<br><br><br><br><table>";
       print "<tr><td><center><strong>Add Item Successfull</strong></center></td></tr>";
       print "<tr class='forumrow'><td><center>";
       print "Thanks for posting. Redirecting to Admin CP. <META HTTP-EQUIV = 'Refresh' Content = '1; URL =index.php'>";
       print "</td></tr></table>";
      }
	 } else {
      if(!$_POST['id'] || !$_POST['name']|| !$_POST['color']|| !$_POST['sort']|| !$_POST['cat']|| !$_POST['cost'])
      {
        print "<table>";
        print "<tr class='headline'><td><center><strong>Adding News Failed</strong></center></td></tr>";
        print "<tr class='forumrow'><td><center>";
        print "One of the required fields was not filled in, please go back and try again.";
        print "</td></tr></table>";
      }
      else
      {
       $itemid=$_POST['id'];
       $name=$_POST['name']; 
	   $cat=$_POST['cat']; 
       $color=$_POST['color'];
       $sort=$_POST['sort'];
	   $cost=$_POST['cost'];
	   $charges=$_POST['charges'];
       $name=htmlspecialchars($name);
       $posting="INSERT INTO b_shop (sep, name, itemid, color, cat, sort, cost, charges) values ('$sep', '$name', '$itemid', '$color', '$cat', '$sort', '$cost', '$charges')";
       mysql_query($posting) or die("could not post");
       print "<br><br><br><br><table>";
       print "<tr><td><center><strong>Add Item Successfull</strong></center></td></tr>";
       print "<tr class='forumrow'><td><center>";
       print "Thanks for posting. Redirecting to Admin CP. <META HTTP-EQUIV = 'Refresh' Content = '1; URL =index.php'>";
       print "</td></tr></table>";
      }
	 }
 }

else
 {
    print "<br><br><br><br><table style='border: 1px solid #000000; background-image: url(../../images/transp.png)'>";
	print "<tr><td>";
    print "<tr><td style='background-image: url(../../images/transpblack.png)'><center><strong>Add Item Link - <a target='_blank' href='http://www.wowhead.com'>Search for item ids here</a></strong></center></td></tr>";
    print "<tr><td><center>";
    print "<table border='0'>";
    print "<tr><td>";
    print "<form action='additem.php' method='post' name='form'>";
	print "<strong>Is item: </strong><select name='sep'>
	<option selected='selected' value='0'>Yes</option>
	<option value='1'>No</option></select> (if \"No\" then it will be displayed as category title)
	<br><br>";
	print "<strong>Item ID: <br></strong>     <input type='text' name='id'><br><br>";
    print "<strong>Item Name / Title *: <br></strong>   <input type='input' name='name'><br><br>";
    print "<b>Color *: (blue=#0f64dd - orange=orange - white=white - green=#1dff08 - purple=#8f35d2)</b> <br><input type='input' name='color'><br><br>";
    print "<b>Sort *: (lower values first)</b> <br><input type='input' name='sort'><br><br>";
    print "<b>Cost Points:</b> <br><input type='input' name='cost'><br><br>";
	print "<b>Category id *: (default 1)<br></b> <input type='input' name='cat'><br><br>";
	print "<b>Charges: (default 0, if there is item that requires charges put value here)<br></b> <input type='input' name='charges'><br>";
    print "<input type='submit' name='reply' value='Add Item'>";
    print "</form><br><br>* - if you posting cat. title/seperator, this fields are only requred, if item all are required";

   
    print "</td></tr></table></td></tr></table>";
   
 }
}
else
{
  print "<br><br><br><br><table  style='border: 1px solid #000000; background-image: url(../../images/transp.png)'>";
  print "<tr><td  style='background-image: url(../../images/transpblack.png)'><center><strong>Posting Item Failed</strong></center></td></tr>";
  print "<tr class='forumrow'><td><center>";
  print "Not logged in as Admin, please <A href='../../forum/login.php'>go here</a> to log in";
  print "</td></tr></table>";
}
 
?>

</td></tr></table>

</center></body></html>